It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Meet 'Rakshasa,' The Malware Infection Designed To Be Undetectable And Incurable
page: 4share:
reply to post by The X
Wow...... That has got to be in the top ten of my most stupid laws proposed.... Trying to outlaw a program that is readily available all over the net? If y'all let that one slide, I bet Nmap is next....
Wow...... That has got to be in the top ten of my most stupid laws proposed.... Trying to outlaw a program that is readily available all over the net? If y'all let that one slide, I bet Nmap is next....
edit on Sat, 28 Jul 2012 18:40:32 -0500 by TKDRL because: (no reason given)
reply to post by The X
Im not guaranteeing its safe either, its just after looking into it i couldnt spot any infection on a test machine i setup last night. I used a program to decompiled the SLIC tables and it looked ok as far as i could tell. I also spoke to a few people last night and a few more today about it and they all said the same thing. It could be a problem but nothing has been detected so far..
I certainly do NOT endorse using the Daz loader at all but at the same time no one i have spoken with says there has been any problem with it that they know of to date. Im not saying it safe but at the same time i cant find any problems..
Im not guaranteeing its safe either, its just after looking into it i couldnt spot any infection on a test machine i setup last night. I used a program to decompiled the SLIC tables and it looked ok as far as i could tell. I also spoke to a few people last night and a few more today about it and they all said the same thing. It could be a problem but nothing has been detected so far..
I certainly do NOT endorse using the Daz loader at all but at the same time no one i have spoken with says there has been any problem with it that they know of to date. Im not saying it safe but at the same time i cant find any problems..
edit on 28-7-2012 by PhoenixOD because: (no reason given)
this guys a dooosh why would he want to destroy peoples computers?
reply to post by PhoenixOD
I concur. I've analyzed the SLIC tables of a machine "exposed" to the Daz loader and it appears clean as well. It seems to be that the premise of Brossard's paper is to highlight the "proof-of-concept" exploit that Rakshasa takes advantage of.
However, this is technically not a new exploit, as previously stated in this thread. It is likely there is malware out in the wild taking advantage of this exploit right now. Is the Daz loader a culprit? Well, considering the Daz loader is a closed-source variant of the Hazar loader that countless individuals trust to activate their Windows installations, it is a possibility.
I concur. I've analyzed the SLIC tables of a machine "exposed" to the Daz loader and it appears clean as well. It seems to be that the premise of Brossard's paper is to highlight the "proof-of-concept" exploit that Rakshasa takes advantage of.
However, this is technically not a new exploit, as previously stated in this thread. It is likely there is malware out in the wild taking advantage of this exploit right now. Is the Daz loader a culprit? Well, considering the Daz loader is a closed-source variant of the Hazar loader that countless individuals trust to activate their Windows installations, it is a possibility.
"What are they going to do?, make API's illegal, because any hacker worth his salt can write a custom program that can do the same job and it will remain undetected for a while".
This goes back to the notion that code-writing software is going to have to be highly regulated, only available on certain computers at education institutions and government institutions. All code writers will need to be closely watched sadly.
we are at a moment in time which we will never ever see again, right now, there are a bunch of people who would normally be outside the loop, actually maintaining it. If these people realized how important it is for them to do for humanity what we all need to see, to provide evidence of the ongoing illegality and fraud that is perpetrated against us by governments and security agencies, it would be the best chance we ever have of realigning the playing field.
I was all for anon and the wikileaks movement, but what happened to that...nothing. This indicates that the movement failed, got hijacked, or was simply a creation by vested interests, possibly even by the authority figures to reel in hackers.
Trying to outlaw a program that is readily available all over the net?
Yea, this poses a problem. I believe in the near-future there will be a UN call for this kind of legislation globally to remove these tools from the internet, and highly regulate code writing software. Outlawing these programs would be less cost efficient and more invasive in regards to computer and internet users.
reply to post by PhoenixOD
Thanks for your reply but luckily for me I had downloaded Firefox and Opera before my IE8 got locked down.... so i'm using those browsers now....
Thanks for your reply but luckily for me I had downloaded Firefox and Opera before my IE8 got locked down.... so i'm using those browsers now....
reply to post by VoidHawk
Yes, I have seen them before, resident Bios malware scrips, and they do require some work to defeat. If you have this, and try to install an OS that is on a CD-RW, the malware will transfer to the CD. Had that happen a few times too.
My machine has a security password protected Bios and MBR, and an encrypted HDD.
Bios infection used to happen years ago but now most bios chips are protected, some even keep a backup on a second chilp thats not write enabled.
Yes, I have seen them before, resident Bios malware scrips, and they do require some work to defeat. If you have this, and try to install an OS that is on a CD-RW, the malware will transfer to the CD. Had that happen a few times too.
My machine has a security password protected Bios and MBR, and an encrypted HDD.
reply to post by Utopia2012
If they attempted that, they would be screwed. They would be invoking the wrath of prettymuch every coder.
No way, no how. A billion angry computer geeks unite. That would be insanity.
If they attempted that, they would be screwed. They would be invoking the wrath of prettymuch every coder.
No way, no how. A billion angry computer geeks unite. That would be insanity.
edit on Tue, 31 Jul 2012 17:56:30 -0500 by TKDRL because: (no reason given)
The X
Originally posted by PhoenixOD
reply to post by The X
So if im understanding you correctly no one else is saying that the windows patch you are talking about ( i assume is the Daz loader ) is infecting machines except you?
Im not saying you are wrong its just if there is other information out there about the DAZ loader or similar windows loader programs containing an advanced BIOS resident virus installed through patching SLIC tables then i would very much like to read it.
I bought new motherboards eventually for ALL the pc's in my home this is how certain i was it was happening and couldn't be anything else
Sorry to bring up this old topic, but I can't help wondering: "Why did The X have to buy new motherboards for ALL the PC's in his home, when only one computer was supposedly infected by a BIOS virus or rootkit?"
edit on 7-10-2013 by r2d2ac because: (no reason given)
reply to post by Maxmars
The only way around this to implement a fully fixed logic ASIC based computer. Fixed logic mass memory storage. ( flash without the ICs for rewriting aka WORM).
www.denali.com...
"SanDisk has just unveiled a WORM (write-once, read mostly) variant of the ubiquitous SD Flash memory card that’s intended for applications where stored data must be tamper-proof and unalterable. Such situations include video, image, audio and other forms of legal evidence; business and tax records; voting records; and medical records. In all such cases, all parties must believe that the data is exactly as it should be and that there’s no chance that it’s been tampered with. Lives and careers are at stake in most of these applications."
Then the virus/trojan/worm can replicate while it is infected all it wants nothing will be saved when the computer is turned off and rebooted.
All saved files go to a private sequestered drive that is quarantined from public use. The fixed logic ASIPs running the programs are only designed to run those programs. Nothing else will run on the ASIPs.
The only way around this to implement a fully fixed logic ASIC based computer. Fixed logic mass memory storage. ( flash without the ICs for rewriting aka WORM).
www.denali.com...
"SanDisk has just unveiled a WORM (write-once, read mostly) variant of the ubiquitous SD Flash memory card that’s intended for applications where stored data must be tamper-proof and unalterable. Such situations include video, image, audio and other forms of legal evidence; business and tax records; voting records; and medical records. In all such cases, all parties must believe that the data is exactly as it should be and that there’s no chance that it’s been tampered with. Lives and careers are at stake in most of these applications."
Then the virus/trojan/worm can replicate while it is infected all it wants nothing will be saved when the computer is turned off and rebooted.
All saved files go to a private sequestered drive that is quarantined from public use. The fixed logic ASIPs running the programs are only designed to run those programs. Nothing else will run on the ASIPs.
reply to post by The X
It overtakes the boot file. To get rid of it you need to somehow get rid of the boot file. Doing so will usually leave your computer unable to start and will require a clean install.
It overtakes the boot file. To get rid of it you need to somehow get rid of the boot file. Doing so will usually leave your computer unable to start and will require a clean install.
new topics
-
President BIDEN's FBI Raided Donald Trump's Florida Home for OBAMA-NORTH KOREA Documents.
Political Conspiracies: 2 hours ago -
Maestro Benedetto
Literature: 4 hours ago -
Is AI Better Than the Hollywood Elite?
Movies: 4 hours ago -
Las Vegas UFO Spotting Teen Traumatized by Demon Creature in Backyard
Aliens and UFOs: 7 hours ago -
2024 Pigeon Forge Rod Run - On the Strip (Video made for you)
Automotive Discussion: 8 hours ago -
Gaza Terrorists Attack US Humanitarian Pier During Construction
Middle East Issues: 9 hours ago -
The functionality of boldening and italics is clunky and no post char limit warning?
ATS Freshman's Forum: 10 hours ago -
Meadows, Giuliani Among 11 Indicted in Arizona in Latest 2020 Election Subversion Case
Mainstream News: 10 hours ago -
Massachusetts Drag Queen Leads Young Kids in Free Palestine Chant
Social Issues and Civil Unrest: 11 hours ago
top topics
-
President BIDEN's FBI Raided Donald Trump's Florida Home for OBAMA-NORTH KOREA Documents.
Political Conspiracies: 2 hours ago, 23 flags -
Krystalnacht on today's most elite Universities?
Social Issues and Civil Unrest: 14 hours ago, 9 flags -
University of Texas Instantly Shuts Down Anti Israel Protests
Education and Media: 16 hours ago, 8 flags -
Weinstein's conviction overturned
Mainstream News: 12 hours ago, 8 flags -
Supreme Court Oral Arguments 4.25.2024 - Are PRESIDENTS IMMUNE From Later Being Prosecuted.
Above Politics: 13 hours ago, 8 flags -
Massachusetts Drag Queen Leads Young Kids in Free Palestine Chant
Social Issues and Civil Unrest: 11 hours ago, 7 flags -
Gaza Terrorists Attack US Humanitarian Pier During Construction
Middle East Issues: 9 hours ago, 7 flags -
Las Vegas UFO Spotting Teen Traumatized by Demon Creature in Backyard
Aliens and UFOs: 7 hours ago, 6 flags -
Meadows, Giuliani Among 11 Indicted in Arizona in Latest 2020 Election Subversion Case
Mainstream News: 10 hours ago, 5 flags -
2024 Pigeon Forge Rod Run - On the Strip (Video made for you)
Automotive Discussion: 8 hours ago, 4 flags
active topics
-
-@TH3WH17ERABB17- -Q- ---TIME TO SHOW THE WORLD--- -Part- --44--
Dissecting Disinformation • 687 • : Justoneman -
Reason of the Existence
The Gray Area • 21 • : BingoMcGoof -
President BIDEN's FBI Raided Donald Trump's Florida Home for OBAMA-NORTH KOREA Documents.
Political Conspiracies • 10 • : nugget1 -
Supreme Court Oral Arguments 4.25.2024 - Are PRESIDENTS IMMUNE From Later Being Prosecuted.
Above Politics • 85 • : Sookiechacha -
Chris Christie Wishes Death Upon Trump and Ramaswamy
Politicians & People • 24 • : nugget1 -
New whistleblower Jason Sands speaks on Twitter Spaces last night.
Aliens and UFOs • 63 • : pianopraze -
SETI chief says US has no evidence for alien technology. 'And we never have'
Aliens and UFOs • 74 • : Justoneman -
Starburst galaxy M82 - Webb Vs Hubble
Space Exploration • 6 • : Arbitrageur -
University of Texas Instantly Shuts Down Anti Israel Protests
Education and Media • 264 • : stelth2 -
VirginOfGrand says hello
Introductions • 9 • : TheMichiganSwampBuck